Essays in the Category “Cyberwar and Cyberterrorism”

The Government Must Show Us the Evidence That North Korea Attacked Sony

American history is littered with examples of classified information pointing us towards aggression against other countries—think WMDs—only to later learn that the evidence was wrong

  • Bruce Schneier
  • Time
  • January 5, 2015

When you're attacked by a missile, you can follow its trajectory back to where it was launched from. When you're attacked in cyberspace, figuring out who did it is much harder. The reality of international aggression in cyberspace will change how we approach defense.

Many of us in the computer-security field are skeptical of the U.S.

Read More →

We Still Don't Know Who Hacked Sony

Welcome to a world where it's impossible to tell the difference between random hackers and governments.

  • Bruce Schneier
  • The Atlantic
  • January 5, 2015

If anything should disturb you about the Sony hacking incidents and subsequent denial-of-service attack against North Korea, it's that we still don't know who's behind any of it. The FBI said in December that North Korea attacked Sony. I and others have serious doubts. There's countervailing evidence to suggest that the culprit may have been a Sony insider or perhaps Russian nationals.

No one has admitted taking down North Korea's Internet.

Read More →

Did North Korea Really Attack Sony?

It's too early to take the U.S. government at its word.

  • Bruce Schneier
  • The Atlantic
  • December 22, 2014

I am deeply skeptical of the FBI's announcement on Friday that North Korea was behind last month's Sony hack. The agency's evidence is tenuous, and I have a hard time believing it. But I also have trouble believing that the U.S.

Read More →

The Best Thing We Can Do About the Sony Hack Is Calm Down

  • Bruce Schneier
  • Motherboard
  • December 19, 2014

First we thought North Korea was behind the Sony cyberattacks. Then we thought it was a couple of hacker guys with an axe to grind. Now we think North Korea is behind it again, but the connection is still tenuous. There have been accusations of cyberterrorism, and even cyberwar.

Read More →

Antivirus Companies Should Be More Open About Their Government Malware Discoveries

Antivirus companies had tracked the sophisticated—and likely U.S.-backed—Regin malware for years. But they kept what they learned to themselves.

  • Bruce Schneier
  • MIT Technology Review
  • December 5, 2014

Last week we learned about a striking piece of malware called Regin that has been infecting computer networks worldwide since 2008. It's more sophisticated than any known criminal malware, and everyone believes a government is behind it. No country has taken credit for Regin, but there's substantial evidence that it was built and operated by the United States.

Read More →

There's No Real Difference Between Online Espionage and Online Attack

  • Bruce Schneier
  • The Atlantic
  • March 6, 2014

Back when we first started getting reports of the Chinese breaking into U.S. computer networks for espionage purposes, we described it in some very strong language. We called the Chinese actions cyber-attacks. We sometimes even invoked the word cyberwar, and declared that a cyber-attack was an act of war.

Read More →

Book Review: Cyber War Will Not Take Place

  • Bruce Schneier
  • Europe's World
  • October 1, 2013

Cyber War Will Not Take Place
by Thomas Rid
Hurst & Co., 2013, 218 pp.
ISBN: 978 1 84904 280 2

Cyber war is possibly the most dangerous buzzword of the Internet era. The fear-inducing rhetoric surrounding it is being used to justify major changes in the way the internet is organised, governed, and constructed. And in Cyber War Will Not Take Place, Thomas Rid convincingly argues that cyber war is not a compelling threat. Rid is one of the leading cyber war sceptics in Europe, and although he doesn't argue that war won't extend into cyberspace, he says that cyberspace's role in war is more limited than doomsayers want us to believe.

Read More →

Syrian Electronic Army: A Brief Look at What Businesses Need to Know

  • Bruce Schneier
  • The Wall Street Journal
  • August 29, 2013

The Syrian Electronic Army attacked again this week, compromising the websites of the New York Times, Twitter, the Huffington Post and others.

Political hacking isn't new.  Hackers were breaking into systems for political reasons long before commerce and criminals discovered the Internet.  Over the years, we've seen U.K.

Read More →

Cyberconflicts and National Security

  • Bruce Schneier
  • UN Chronicle
  • July 18, 2013

Whenever national cybersecurity policy is discussed, the same stories come up again and again. Whether the examples are called acts of cyberwar, cyberespionage, hacktivism, or cyberterrorism, they all affect national interest, and there is a corresponding call for some sort of national cyberdefence.

Unfortunately, it is very difficult to identify attackers and their motivations in cyberspace. As a result, nations are classifying all serious cyberattacks as cyberwar.

Read More →

Has U.S. Started an Internet War?

  • Bruce Schneier
  • CNN
  • June 18, 2013

Today, the United States is conducting offensive cyberwar actions around the world.

More than passively eavesdropping, we're penetrating and damaging foreign networks for both espionage and to ready them for attack. We're creating custom-designed Internet weapons, pre-targeted and ready to be "fired" against some piece of another country's electronic infrastructure on a moment's notice.

This is much worse than what we're accusing China of doing to us.

Read More →

Rhetoric of Cyber War Breeds Fear—and More Cyber War

  • Bruce Schneier
  • The Irish Times
  • March 14, 2013

Americans have a weird relationship with the word “war”. We hate using it to describe actual wars but we love using it in a rhetorical context. We had the war on poverty, the war on crime, the war on drugs and the war on terror.

One of the big “wars” we’re talking about now is cyber war and, in this case, the word is dangerous.

Read More →

Danger Lurks in Growing New Internet Nationalism

Cyber-espionage is old news. What's new is the rhetoric, which is reaching a fever pitch right now.

  • Bruce Schneier
  • MIT Technology Review
  • March 11, 2013

For technology that was supposed to ignore borders, bring the world closer together, and sidestep the influence of national governments, the Internet is fostering an awful lot of nationalism right now. We've started to see increased concern about the country of origin of IT products and services; U.S. companies are worried about hardware from China; European companies are worried about cloud services in the U.S; no one is sure whether to trust hardware and software from Israel; Russia and China might each be building their own operating systems out of concern about using foreign ones.

Read More →

Militarizing Cyberspace Will Do More Harm Than Good

  • Bruce Schneier
  • The Irish Times
  • November 29, 2012

We're in the early years of a cyberwar arms race. It's expensive, it's destabilising and it threatens the very fabric of the internet we use every day. Cyberwar treaties, as imperfect as they might be, are the only way to contain the threat.

If you read the press and listen to government leaders, we're already in the middle of a cyberwar.

Read More →

Fear Pays the Bills, but Accounts Must Be Settled

  • Bruce Schneier
  • New York Times Room for Debate
  • October 19, 2012

A lot of the debate around President Obama's cybersecurity initiative center on how much of a burden it would be on industry, and how that should be financed. As important as that debate is, it obscures some of the larger issues surrounding cyberwar, cyberterrorism, and cybersecurity in general.

It's difficult to have any serious policy discussion amongst the fear mongering. Secretary Panetta's recent comments are just the latest; search the Internet for "cyber 9/11," "cyber Peal-Harbor," "cyber Katrina," or -- my favorite -- "cyber Armageddon."

There's an enormous amount of money and power that results from pushing cyberwar and cyberterrorism: power within the military, the Department of Homeland Security, and the Justice Department; and lucrative government contracts supporting those organizations.

Read More →

Debate Club: An International Cyberwar Treaty Is the Only Way to Stem the Threat

  • Bruce Schneier
  • U.S. News
  • June 8, 2012

We're in the early years of a cyberwar arms race. It's expensive, it's destabilizing, and it threatens the very fabric of the Internet we use every day. Cyberwar treaties, as imperfect as they might be, are the only way to contain the threat.

Read More →

It Will Soon Be Too Late to Stop the Cyberwars

  • Bruce Schneier
  • Financial Times
  • December 2, 2010

The world is gearing up for cyberwar. The US Cyber Command became operational in November. Nato has enshrined cyber security among its new strategic priorities. The head of Britain's armed forces said recently that boosting cyber capability is now a huge priority for the UK.

Read More →

3 Reasons to Kill the Internet Kill Switch Idea

  • Bruce Schneier
  • AOL News
  • July 9, 2010

Last month, Sen. Joe Lieberman, I-Conn., introduced a bill that might -- we're not really sure -- give the president the authority to shut down all or portions of the Internet in the event of an emergency. It's not a new idea. Sens. Jay Rockefeller, D-W.Va., and Olympia Snowe, R-Maine, proposed the same thing last year, and some argue that the president can already do something like this. If this or a similar bill ever passes, the details will change considerably and repeatedly.

Read More →

Threat of "Cyberwar" Has Been Hugely Hyped

  • Bruce Schneier
  • CNN
  • July 7, 2010

There's a power struggle going on in the U.S. government right now.

It's about who is in charge of cyber security, and how much control the government will exert over civilian networks. And by beating the drums of war, the military is coming out on top.

Read More →

So-called Cyberattack Was Overblown

  • Bruce Schneier
  • MPR NewsQ
  • July 13, 2009

To hear the media tell it, the United States suffered a major cyberattack last week. Stories were everywhere. "Cyber Blitz hits U.S., Korea" was the headline in Thursday's Wall Street Journal. North Korea was blamed.

Read More →

Chinese Cyberattacks: Myth or Menace?

  • Bruce Schneier
  • Information Security
  • July 2008

This essay appeared as the second half of a point/counterpoint with Marcus Ranum. Marcus's half is here.

The popular media narrative is that there is a coordinated attempt by the Chinese government to hack into U.S. computers--military, government, corporate--and steal secrets. The truth is a lot more complicated.

Read More →

The Truth About Chinese Hackers

  • Bruce Schneier
  • Discovery Technology
  • June 19, 2008

The scoop: Last week, Rep. Frank Wolf, a Virginia Republican, said four of his government computers had been hacked by sources working out of China. Bruce Schneier, an internationally renowned security technologist, gives us his take on what went down.

The popular media concept is that there is a coordinated attempt by the Chinese government to hack into U.S. computers -- military, government corporate -- and steal secrets. The truth is a lot more complicated.

Read More →

America's Dilemma: Close Security Holes, or Exploit Them Ourselves

  • Bruce Schneier
  • Wired
  • May 01, 2008

On April 27, 2007, Estonia was attacked in cyberspace. Following a diplomatic incident with Russia about the relocation of a Soviet World War II memorial, the networks of many Estonian organizations, including the Estonian parliament, banks, ministries, newspapers and broadcasters, were attacked and -- in many cases -- shut down. Estonia was quick to blame Russia, which was equally quick to deny any involvement.

It was hyped as the first cyberwar: Russia attacking Estonia in cyberspace.

Read More →

Cyberwar: Myth or Reality?

  • Bruce Schneier
  • Information Security
  • November 2007

This essay appeared as the second half of a point/counterpoint with Marcus Ranum. Marcus's half is here.

The biggest problems in discussing cyberwar are the definitions. The things most often described as cyberwar are really cyberterrorism, and the things most often described as cyberterrorism are more like cybercrime, cybervandalism or cyberhooliganism--or maybe cyberespionage.

At first glance there's nothing new about these terms except the "cyber" prefix.

Read More →

Vigilantism Is a Poor Response to Cyberattack

  • Bruce Schneier
  • Wired
  • April 05, 2007

Last month Marine Gen. James Cartwright told the House Armed Services Committee that the best cyberdefense is a good offense.

As reported in Federal Computer Week, Cartwright said: "History teaches us that a purely defensive posture poses significant risks," and that if "we apply the principle of warfare to the cyberdomain, as we do to sea, air and land, we realize the defense of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to deter actions detrimental to our interests."

The general isn't alone. In 2003, the entertainment industry tried to get a law passed (.pdf) giving it the right to attack any computer suspected of distributing copyright-protected material. And there probably isn't a sysadmin in the world who doesn't want to strike back at computers that are blindly and repeatedly attacking their networks.

Read More →

Blaster and the Great Blackout

  • Bruce Schneier
  • Salon
  • December 16, 2003

Ten years ago our critical infrastructure was run by a series of specialized systems, both computerized and manual, on dedicated networks. Today, many of these computers have been replaced with standard mass-market computers connected via the Internet. This shift brings with it all sorts of cost savings, but it also brings additional risks. The same worms and viruses, the same vulnerabilities, the same Trojans and hacking tools that have so successfully ravaged the Internet can now affect our critical infrastructure.

Read More →

Internet Worms and Critical Infrastructure

  • Bruce Schneier
  • CNET News.com
  • December 9, 2003

Did MSBlast cause the Aug. 14 blackout? The official analysis says "no," but I'm not so sure. A November interim report a panel of government and industry officials issued concluded that the blackout was caused by a series of failures with the chain of events starting at FirstEnergy, a power company in Ohio. A series of human and computer failures then turned a small problem into a major one. And because critical alarm systems failed, workers at FirstEnergy did not stop the cascade, because they did not know what was happening.

Read More →

Click Here to Bring Down the Internet

  • Bruce Schneier
  • 1998

The Internet is fragile, rickety. It is at the mercy of every hacker and cracker. In recent Congressional testimony, hackers from the L0pht boasted that they could bring down the Internet in under 30 minutes. Should we be concerned?

Read More →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.